
    Posts made by Fernando Gietz

    • RE: Dell Optiplex 7050 and UEFI boot. Failed

      Hi @george1421 ,

      Adding the pxe-service lines works fine XDD… I wonder if it is a miracle that it has worked well until now on the other hardware.

      Actual dnsmasq.conf file:

      port=0
      log-dhcp
      tftp-root=/tftpboot
      
      # Disable re-use of the DHCP servername and filename fields as extra
      # option space. That's to avoid confusing some old or broken DHCP clients.
      dhcp-no-override
      
      # inspect the vendor class string and match the text to set the tag
      dhcp-vendorclass=BIOS,PXEClient:Arch:00000
      dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
      dhcp-vendorclass=UEFI,PXEClient:Arch:00007
      dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
      
      # Set the boot file name based on the matching tag from the vendor class (above)
      dhcp-boot=net:UEFI32,i386-efi/ipxe_delay.efi,,10.0.15.8
      dhcp-boot=net:UEFI,ipxe_delay.efi,,10.0.15.8
      dhcp-boot=net:UEFI64,ipxe_delay.efi,,10.0.15.8
      
      # The boot filename, Server name, Server Ip Address
      dhcp-boot=undionly_delay.kpxe,,10.0.15.8
      
      # PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
      pxe-prompt=Booting FOG Client, 1
      
      # The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86,
      # Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
      # This option is first and will be the default if there is no input from the user.
      pxe-service=X86PC, Boot to FOG, undionly.kpxe
      pxe-service=X86-64_EFI, Boot to FOG UEFI, ipxe.efi
      pxe-service=BC_EFI, Boot to FOG UEFI PXE-BC, ipxe.efi
      
      #dhcp-reply-delay=0
      
      # VLAN 50 (Biblioteca) 
      dhcp-range=10.227.34.1,proxy,255.255.254.0 
      
      posted in Hardware Compatibility
      Fernando Gietz
    • RE: Dell Optiplex 7050 and UEFI boot. Failed

      I have updated the BIOS version to 1.11.0 and 1.11.1 and it doesn’t work 😞

      posted in Hardware Compatibility
      Fernando Gietz
    • RE: Dell Optiplex 7050 and UEFI boot. Failed

      @george1421 said in Dell Optiplex 7050 and UEFI boot. Failed:

      So if I understand the logs, it’s pxe booting and picking up a dhcp address but it doesn’t download the ipxe.efi boot file. Are you getting an error on the workstation itself (i.e. PXE-XXX)? I have seen one other firmware do this (basically ignore the boot info).

      No PXE error appears on the workstation:

      >>Checking Media Presence .....
      >>Media Present.......
      >>Start PXE over IPv4 [and later IPv6]
      

      Is your fog server and target computer on the same subnet?

      No. The server is in one vlan and the clients are in different vlans

      Also have you confirmed that you have the latest firmware on this failing computer?

      I just saw that Dell updated the BIOS version in November (1.11.0) and in March (1.11.1). The computer has version 1.8.3. I will try to update it, but without hope 🙂

      Also (unless you didn’t include everything which I suspect since the dhcp-range stanza is missing) you are missing the proxy-dhcp bits in your dnsmasq config file.

      I don’t include them:

      # VLAN 50 (Biblioteca) 
      dhcp-range=10.227.34.1,proxy,255.255.254.0
      

      I don’t have any pxe-service lines in the config file:

      pxe-service=X86PC, "Boot to FOG", undionly.kpxe
      pxe-service=X86-64_EFI, "Boot to FOG UEFI", ipxe.efi
      pxe-service=BC_EFI, "Boot to FOG UEFI PXE-BC", ipxe.efi
      

      dnsmasq.conf file:

      port=0
      log-dhcp
      tftp-root=/tftpboot
      # If you want dnsmasq to listen for DHCP and DNS requests only on
      # specified interfaces (and the loopback) give the name of the interface
      interface=ens192
      
      # Disable re-use of the DHCP servername and filename fields as extra
      # option space. That's to avoid confusing some old or broken DHCP clients.
      dhcp-no-override
      
      # inspect the vendor class string and match the text to set the tag
      dhcp-vendorclass=BIOS,PXEClient:Arch:00000
      dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
      dhcp-vendorclass=UEFI,PXEClient:Arch:00007
      dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
      
      # Set the boot file name based on the matching tag from the vendor class (above)
      dhcp-boot=net:UEFI32,i386-efi/ipxe_delay.efi,,10.0.15.4
      dhcp-boot=net:UEFI,ipxe.efi,,10.0.15.4
      dhcp-boot=net:UEFI64,10secdelay/ipxe.efi,,10.0.15.4
      
      
      # The boot filename, Server name, Server Ip Address
      dhcp-boot=10secdelay/undionly.kpxe,,10.0.15.4
      
      # PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
      pxe-prompt=Booting FOG Client, 1
      
      #dhcp-reply-delay=0
      
      # VLAN 50 (Biblioteca) 
      dhcp-range=10.227.34.1,proxy,255.255.254.0 
      
      posted in Hardware Compatibility
      Fernando Gietz
    • Dell Optiplex 7050 and UEFI boot. Failed

      Hi FOGers!!

      I have problems with Dell optiplex 7050 and UEFI.

      Scenario:
      Dell Optiplex 7050
      BIOS version: 1.8.3
      FOG version: 1.5.5

      I use DNSMASQ on the server as a proxy; I configured it following the wiki [https://wiki.fogproject.org/wiki/index.php?title=BIOS_and_UEFI_Co-Existence]

      # inspect the vendor class string and match the text to set the tag
      dhcp-vendorclass=BIOS,PXEClient:Arch:00000
      dhcp-vendorclass=UEFI32,PXEClient:Arch:00006
      dhcp-vendorclass=UEFI,PXEClient:Arch:00007
      dhcp-vendorclass=UEFI64,PXEClient:Arch:00009
      
      # Set the boot file name based on the matching tag from the vendor class (above)
      dhcp-boot=net:UEFI32,i386-efi/ipxe_delay.efi,,10.0.15.4
      dhcp-boot=net:UEFI,ipxe.efi,,10.0.15.4
      dhcp-boot=net:UEFI64,10secdelay/ipxe.efi,,10.0.15.4
      
      
      # The boot filename, Server name, Server Ip Address
      dhcp-boot=10secdelay/undionly.kpxe,,10.0.15.4
      
      # PXE menu.  The first part is the text displayed to the user.  The second is the timeout, in seconds.
      pxe-prompt=Booting FOG Client, 1
      

      I don’t have problems with other hardware like the HP 800 G2 or G1, but I cannot boot the Dell Optiplex 7050 using UEFI; with BIOS it works fine.

      I paste the message log file where dnsmasq logs:

      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 vendor class: PXEClient:Arch:00007:UNDI:003016
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 PXE(ens192) 54:bf:64:60:8d:e6 proxy
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 tags: known, UEFI, ens192
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 bootfile name: ipxe.efi
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 next server: 10.0.15.4
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 broadcast response
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 sent size:  1 option: 53 message-type  2
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 sent size:  4 option: 54 server-identifier  10.0.15.4
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
      Apr  3 13:03:51 fog7 dnsmasq-dhcp[54605]: 60349881 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:52:00:10:35:80:57:c2:c0:4f...
      
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 60349881 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 60349881 vendor class: PXEClient:Arch:00007:UNDI:003016
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 vendor class: PXEClient:Arch:00007:UNDI:003016
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 PXE(ens192) 54:bf:64:60:8d:e6 proxy
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 tags: known, UEFI, ens192
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 bootfile name: ipxe.efi
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 next server: 10.0.15.4
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 sent size:  1 option: 53 message-type  5
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 sent size:  4 option: 54 server-identifier  10.0.15.4
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 sent size: 17 option: 97 client-machine-id  00:44:45:4c:4c:52:00:10:35:80:57:c2:c0:4f...
      Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 sent size: 25 option: 43 vendor-encap  06:01:08:0a:13:01:42:6f:6f:74:69:6e:67:20...
      
      

      The next log is from an HP 800 G2; with this hardware the UEFI boot process works fine.

      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 vendor class: PXEClient:Arch:00007:UNDI:003016
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 PXE(ens192) 94:57:a5:ed:e0:71 proxy
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 tags: known, UEFI, ens192
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 bootfile name: ipxe.efi
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 next server: 10.0.15.4
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 broadcast response
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 sent size:  1 option: 53 message-type  2
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 sent size:  4 option: 54 server-identifier  10.0.15.4
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
      Apr  3 13:11:28 fog7 dnsmasq-dhcp[56965]: 2988621705 sent size: 17 option: 97 client-machine-id  00:64:93:26:fc:58:34:e6:11:9c:43:bc:00:00...
      
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 2988621705 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 2988621705 vendor class: PXEClient:Arch:00007:UNDI:003016
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 vendor class: PXEClient:Arch:00007:UNDI:003016
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 PXE(ens192) 94:57:a5:ed:e0:71 proxy
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 tags: known, UEFI, ens192
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 bootfile name: ipxe.efi
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 next server: 10.0.15.4
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 sent size:  1 option: 53 message-type  5
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 sent size:  4 option: 54 server-identifier  10.0.15.4
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 sent size: 17 option: 97 client-machine-id  00:64:93:26:fc:58:34:e6:11:9c:43:bc:00:00...
      Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 sent size: 25 option: 43 vendor-encap  06:01:08:0a:13:01:42:6f:6f:74:69:6e:67:20...
      
      Apr  3 13:11:33 fog7 xinetd[9894]: START: tftp pid=57901 from=10.227.15.7
      Apr  3 13:11:33 fog7 in.tftpd[57902]: Error code 8: User aborted the transfer
      Apr  3 13:11:34 fog7 in.tftpd[57903]: Client 10.227.15.7 finished ipxe.efi
      
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 vendor class: PXEClient:Arch:00007:UNDI:003010
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 user class: iPXE
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 PXE(ens192) 94:57:a5:ed:e0:71 proxy
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 tags: known, UEFI, ens192
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 bootfile name: ipxe.efi
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 next server: 10.0.15.4
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 broadcast response
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 sent size:  1 option: 53 message-type  2
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 sent size:  4 option: 54 server-identifier  10.0.15.4
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 sent size:  9 option: 60 vendor-class  50:58:45:43:6c:69:65:6e:74
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 sent size: 17 option: 97 client-machine-id  00:64:93:26:fc:58:34:e6:11:9c:43:bc:00:00...
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 vendor class: PXEClient:Arch:00007:UNDI:003010
      Apr  3 13:11:56 fog7 dnsmasq-dhcp[56965]: 754448747 user class: iPXE
      Apr  3 13:11:56 fog7 in.tftpd[57972]: Client 10.227.15.7 finished default.ipxe
      
      
      Apr  3 13:12:20 fog7 dnsmasq-dhcp[56965]: 3016878399 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:12:20 fog7 dnsmasq-dhcp[56965]: 3016878399 vendor class: udhcp 1.29.2
      Apr  3 13:12:20 fog7 dnsmasq-dhcp[56965]: 3016878399 available DHCP subnet: 10.227.15.1/255.255.255.224
      Apr  3 13:12:20 fog7 dnsmasq-dhcp[56965]: 3016878399 vendor class: udhcp 1.29.2
      Apr  3 13:12:20 fog7 rpc.mountd[9945]: authenticated mount request from 10.227.15.7:851 for /images/dev (/images/dev)
      
      posted in Hardware Compatibility uefi optiplex 7050 dnsmasq
      Fernando Gietz
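
The two boots logged in the post above can be compared mechanically. The following is an added example (not part of the original post): it reads syslog lines in the format shown, records each proxyDHCP ACK (option 53, message-type 5) per client MAC, and reports whether a TFTP download of the advertised boot file followed. The function name, the 30-second window and the trimmed sample lines are assumptions made for the illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: a trimmed excerpt in the log format shown in the post.
SAMPLE_LOG = """\
Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 PXE(ens192) 54:bf:64:60:8d:e6 proxy
Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 tags: known, UEFI, ens192
Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 bootfile name: ipxe.efi
Apr  3 13:03:54 fog7 dnsmasq-dhcp[54605]: 179443565 sent size:  1 option: 53 message-type  5
Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 PXE(ens192) 94:57:a5:ed:e0:71 proxy
Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 bootfile name: ipxe.efi
Apr  3 13:11:32 fog7 dnsmasq-dhcp[56965]: 561179993 sent size:  1 option: 53 message-type  5
Apr  3 13:11:33 fog7 xinetd[9894]: START: tftp pid=57901 from=10.227.15.7
Apr  3 13:11:34 fog7 in.tftpd[57903]: Client 10.227.15.7 finished ipxe.efi
"""

LINE = re.compile(r"^(\w{3}\s+\d+\s+[\d:]{8})\s+\S+\s+([^\s\[]+)\[\d+\]:\s+(.*)$")
MAC = re.compile(r"PXE\(\S+\)\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})", re.I)
ACK = re.compile(r"option:\s*53\s+message-type\s+5\b")
TFTP_DONE = re.compile(r"Client \S+ finished (\S+)")


def _stamp(text):
    # Syslog timestamps carry no year; a fixed leap year keeps parsing unambiguous.
    return datetime.strptime("2000 " + text, "%Y %b %d %H:%M:%S")


def boot_outcomes(log_text, window_seconds=30):
    """Return {client MAC: outcome} for every proxyDHCP ACK found in the log."""
    transactions = {}   # dnsmasq transaction id -> {"mac": ..., "bootfile": ...}
    acks = []           # (time, mac, bootfile) for each ACK sent
    downloads = []      # (time, filename) for each completed TFTP transfer

    for raw in log_text.splitlines():
        parsed = LINE.match(raw)
        if not parsed:
            continue
        when, program, message = _stamp(parsed.group(1)), parsed.group(2), parsed.group(3)

        if program == "dnsmasq-dhcp":
            xid, _, rest = message.partition(" ")
            state = transactions.setdefault(xid, {})
            mac = MAC.search(rest)
            if mac:
                state["mac"] = mac.group(1).lower()
            elif rest.startswith("bootfile name:"):
                state["bootfile"] = rest.split(":", 1)[1].strip()
            elif ACK.search(rest) and state.get("mac"):
                acks.append((when, state["mac"], state.get("bootfile")))
        elif program == "in.tftpd":
            done = TFTP_DONE.search(message)
            if done:
                downloads.append((when, done.group(1)))

    # The TFTP lines identify the client by IP, the proxyDHCP lines by MAC, so the
    # two are correlated by boot file name and time only. This is a heuristic:
    # two clients booting inside the same window cannot be told apart.
    window = timedelta(seconds=window_seconds)
    outcomes = {}
    for ack_time, mac, bootfile in acks:
        fetched = any(
            name == bootfile and timedelta(0) <= t - ack_time <= window
            for t, name in downloads
        )
        outcomes[mac] = "boot file fetched" if fetched else "ACK sent, no TFTP request"
    return outcomes


if __name__ == "__main__":
    for mac, outcome in boot_outcomes(SAMPLE_LOG).items():
        print(mac, "->", outcome)
```
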
    • RE: LDAP Plugin with openLDAP

      I’m glad but we’re cheating 😉

      If we erase the last change

      $filter = sprintf(
                     '(&(|(name=%s))(%s=%s))',
                     implode(')(name=', (array)$adminGroups),
                     $grpMemAttr,
                     $this->escape($userDN, null, LDAP_ESCAPE_FILTER)
      );
      

      And set up the Search Base DN parameter only to dsptest, does it work?

      posted in General Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      I know, but now the problem is: why is the $filter variable NULL? It is strange.

              $filter = sprintf(
                  '(&(|(name=%s))(%s=%s))',
                  implode(')(name=', (array)$adminGroups),
                  $grpMemAttr,
                  $this->escape($userDN, null, LDAP_ESCAPE_FILTER)
              );
              /**
               * The attribute to get.
               */
              $attr = array($grpMemAttr);
              /**
               * Read in the attributes
               */
              $result = $this->_result($grpSearchDN, $filter, $attr);
      

      Are you sure that the $filter variable is well written in the var_dump() function? XD
      The output of this variable must be:

      (&(|(name=dsp))(memberuid=uid=dsptest,ou=Users,dc=****,dc=***))'
      

      If you change the code to:

              $filter = sprintf(
                  '(&(|(name=%s))(%s=%s))',
                  implode(')(name=', (array)$adminGroups),
                  $grpMemAttr,
      //            $this->escape($userDN, null, LDAP_ESCAPE_FILTER)
                  'dsptest'
              );
              /**
               * The attribute to get.
               */
              $attr = array($grpMemAttr);
              /**
               * Read in the attributes
               */
              $result = $this->_result($grpSearchDN, $filter, $attr);
              if (false !== $result) {
                  return 2;
              }
      

      UPDATED

      posted in General Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      Hi @antonionardella ,

      With this output we can see that the filter is NULL and this is the problem 🙂
      But the big question is why?

      Please change the var_dump line with:

      var_dump($grpSearchDN,$filter,$attr,$adminGroups,$userDN);
      

      And paste the output.

      posted in General Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      We can try to debug @antonionardella's code.

      Make a copy of the file /var/www/[html/]fog/lib/plugin/ldap/class/ldap.class.php

      #cp ldap.class.php ldap.class.php.ori

      Let’s edit the ldap.class.php file at line 628 and insert the following code:

              $result = $this->_result($grpSearchDN, $filter, $attr);
      //********* DEBUG ********************
              var_dump($grpSearchDN,$filter,$attr);
              exit;
      //************************************
              if (false !== $result) {
                  return 2;
              }
              /**
               * If no record is returned then user is not in the
               * admin group. Change the filter and check the mobile
               * group for membership.
               */
      
      

      The var_dump function will write the value of the variables $grpSearchDN, $filter and $attr in the page of the browser. After making the changes, go to the validation page, enter the credentials and send us a screenshot.

      In my case it returns:

      string(29) "ou=groups,dc=xxxx,dc=xxxx,dc=xxxx" string(77) "(&(|(name=aux.caunivel21))(member=CN=bcxxxx,OU=people,DC=xxxx,DC=xxxx,DC=xxxx))" array(1) { [0]=> string(6) "member" }
      
      posted in General Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      And if you change the filter with:

      (&(|(name=dsp))(memberuid=dsptest,ou=Groups,dc=XXXXXX,dc=XXXXX));

      posted in General Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      @george1421 said in LDAP Plugin with openLDAP:

      @Fernando-Gietz said in LDAP Plugin with openLDAP:

      |(name=dsp))(memberuid=uid=dsptest

      The issue is with this bit of the query syntax.

      We are doing an or between ‘(name=dsp)’ and ‘)’ There is a missing parameter the other part of the or test or there is an extra ‘)’ in that syntax. I really need to count opening and closing parentheses here, but my gut feeling is it’s wrong. As well as the ‘memberuid=uid=dsptest’ test. I haven’t had time to see what changed in the ldap auth module but I’m a bit surprised that it authenticates AD since AD is really picky on the query syntax.

      The second parenthesis is necessary because the syntax has a logical operator “|” (|(name=dsp).

      I don’t have openLDAP, I use AD but my filter is:
      (&(|(name=aux.caunivel21))(member=CN=bczxxxx,OU=people,DC=xxxx,DC=xxx,DC=xx))

      And it works fine

      posted in General Problems
      Fernando Gietz
    • RE: High RAM, CPU and 'Too Many Processes' mainly when running reports

      Some reports, like “imaging log”, don’t have pre-filters and try to show all the entries in the database; normally you have a lot of entries in the database and the server doesn’t have the memory to run it.

      In the dev-branch, not stable branch, I made some changes in the reports to have some pre-filters, with these pre-filters you can limit more the search parameters and be more exhaustive and use less memory 😉

      posted in FOG Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      You can see the code in /var/www/[html/]fog/lib/plugin/ldap/class/ldap.class.php
      functions: authLDAP() and _getAccessLevel()

      posted in General Problems
      Fernando Gietz
    • RE: LDAP Plugin with openLDAP

      I knew the plugin XD but @Tom-Elliott and @george1421 made a lot of changes to give support to active directory.

      The connection to the openLDAP server works fine, but the problem is when the script tries to find out whether the user belongs to the admin group.

      Well, I am looking at the code and the problem is that the value of the $accessLevel variable is 0. The possible values of this variable are:

           * Sets our default accessLevel to 0.
           * 0 = fail
           * 1 = mobile
           * 2 = admin
      

      If dsp user is in the admin group then the script returns 2.

      This variable changes its value when the code calls the _getAccessLevel($grpMemAttr, $userDN) function; I suppose that the values of $grpMemAttr and $userDN are:
      $grpMemAttr = memberuid
      $userDN = uid=dsptest,ou=Users,dc=example,dc=com

      With this, the code returns 0 results because the user is not in the admin group or nothing is found with the filter:

      (&(|(name=dsp))(memberuid=uid=dsptest,ou=Users,dc=example,dc=com)); Result: 0

      As you have not set up the mobile group, the next filter:
      (&(|(name=))(memberuid=uid=dsptest,ou=Users,dc=example,dc=com)); Result: 0
      Then the code returns $accessLevel = 0. If the user is not in the admin group or in the mobile group, then the user doesn’t have access.

      posted in General Problems
      Fernando Gietz
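
The group-membership filter discussed in the LDAP posts above, both the parenthesis-counting exchange and the `_getAccessLevel()` walk-through, can be rebuilt and checked outside the plugin. This is an added example in Python, not the plugin's PHP code: all function names are hypothetical, skipping empty group names is a choice made here, and the `memberuid` handling assumes RFC 2307 `posixGroup` entries, which store bare login names rather than DNs.

```python
import re

# RFC 4515 filter-value escaping: the same characters PHP's ldap_escape()
# handles with LDAP_ESCAPE_FILTER.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_ATTRIBUTE_NAME = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")


def escape_filter_value(value):
    """Escape one assertion value so it cannot change the filter's structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def member_value(member_attr, user_dn):
    """Pick the value to compare against the group's membership attribute.

    Assumption: with 'memberuid' the directory stores login names, so the uid
    is taken from the first RDN of the user DN (naive parse, no escaped commas).
    Any other attribute (e.g. 'member') is compared against the full DN.
    """
    if member_attr.lower() == "memberuid":
        first_rdn = re.match(r"\s*uid=([^,+]+)", user_dn, re.I)
        if first_rdn:
            return first_rdn.group(1).strip()
    return user_dn


def build_group_filter(groups, member_attr, value):
    """Build (&(|(name=g1)(name=g2)...)(member_attr=value)), or None if no groups."""
    if not _ATTRIBUTE_NAME.match(member_attr):
        raise ValueError("not an attribute name: %r" % member_attr)
    # An unset group list would otherwise produce the '(name=)' clause seen above.
    names = [g for g in groups if g and g.strip()]
    if not names:
        return None
    alternatives = "".join("(name=%s)" % escape_filter_value(g) for g in names)
    return "(&(|%s)(%s=%s))" % (alternatives, member_attr, escape_filter_value(value))


def is_balanced(ldap_filter):
    """True when every '(' has a matching ')'; escaped values contain neither."""
    depth = 0
    for ch in ldap_filter:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
    return depth == 0


if __name__ == "__main__":
    dn = "uid=dsptest,ou=Users,dc=example,dc=com"
    print(build_group_filter(["dsp"], "memberuid", dn))
    print(build_group_filter(["dsp"], "memberuid", member_value("memberuid", dn)))
    # Constructed group name containing filter metacharacters.
    print(build_group_filter(["IT (admins)*"], "member", "CN=x,DC=example,DC=com"))
```
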
    • RE: RBAC functionality

      @The-Dealman said in RBAC functionality:

      @Sebastian-Roth I was able to locate this but it’s kinda hard to tell where you are when you drill down into the role and you want to modify rules. Once I jump into the rules I can’t tell if I’m looking at the rules for just the role I created or if it’s all the default rules for all the roles, it feels like it should be some sort of bread crumb trail on the UI to indicate where you are at the time. Also I deleted the printers from the access control rules main menu as a test and it still shows up at the top menu bar, we are supposed to delete the access control rules we don’t want to show up right?

      Sometimes this occurs XD. The problem in this case, I think but I am not very sure, is the order in which the events run. One event “paints” the icon and another one “erases” it. The AccessControl plugin “erases” icons, but if the “erase” event happens before the “paint” event, the icon appears in the webui XD. Try to add another rule and the icon will probably disappear.

      posted in Feature Request
      Fernando Gietz
    • RE: RBAC functionality

      @The-Dealman said in RBAC functionality:

      It would be great if we had some sort of RBAC functionality built into fog, it doesn’t need to be anything complex. My use case is that I have central office IT staff that will have full access to fog, but I have computer technicians at schools that I only want to be able to image computers and not to have access to the web interface. Can this be done?

      The AccessControl plugin limits the access to the icons in the WebUI. With this plugin you can define which icons you want to see in the menu bar and submenus.

      You can define roles and rules:

      • The roles are groups of persons; this is a 1:N relationship. One role can have N persons, but one person can be in only one role.
      • The rules define the restrictions: which icons and submenus are not shown by the webui. The rules are assigned to the roles, and one rule can be assigned to one or more roles, and vice versa.

      With this, you can limit the technicians’ access to, for example, dashboard (it is mandatory; if you add this rule the webui crashes), hosts, groups, images, snapin, tasks and logout. The technicians don’t have access to the FOG configuration menus or storage nodes.

      If you use this AccessControl plugin with the Site plugin, you can restrict the access to the computers. With the Site plugin you can assign computers to one site and assign a user to one site or several sites; in this way the plugin creates a relationship User -> Site -> Computer. From the User tab you can restrict a user’s access to only the computers that are in his/her site or sites.

      posted in Feature Request
      Fernando Gietz
    • RE: Multicast udpcast options

      @Tom-Elliott said in Multicast udpcast options:

      Also, the recommendation for the max-bitrate issue is it already exists and is based on the Master Storage Node’s bitrate setting. The rexmit-hello-interval should also be added based on the Master storage node (as opposed to global values.)
      This is simply because the global value means EVERYTHING that does multicast will use the same rexmit and bitrate settings. Having it per master storage node makes this much more dynamic and site specific.

      You are right. It is better to have a configuration per node than a global one.

      I have done:

      #git diff working-1.6...working -- schema.php

      And it returns a lot of changes 😞 The new line in schema.php will be like this:

      // 264
      $this->schema[] = array(
          "ALTER TABLE `nfsGroupMembers` ADD COLUMN `ngmHelloInterval` "
          . "VARCHAR(8) AFTER `ngmMaxBitrate`",
      );
      

      I define ngmHelloInterval as a string and not as an integer.

      posted in Feature Request
      Fernando Gietz
    • RE: Multicast udpcast options

      Hi @Sebastian-Roth,

      The new code in the multicasttask.class.php from L418 to L494 is

          public function getCMD()
          {
              unset(
                  $filelist,
                  $buildcmd,
                  $cmd
              );
              list(
                  $address,
                  $duplex,
                  $multicastrdv,
                  $maxwait,
                  $maxbitrate,
                  $rexmithello
              ) = self::getSubObjectIDs(
                  'Service',
                  array(
                      'name' => array(
                          'FOG_MULTICAST_ADDRESS',
                          'FOG_MULTICAST_DUPLEX',
                          'FOG_MULTICAST_RENDEZVOUS',
                          'FOG_UDPCAST_MAXWAIT',
                          'FOG_MULTICAST_BITRATE',
                          'FOG_MULTICAST_HELLO'
      
                      )
                  ),
                  'value',
                  false,
                  'AND',
                  'name',
                  false,
                  ''
              );
              if ($address) {
                  $address = long2ip(
                      ip2long($address) + (
                          (
                              $this->getPortBase() / 2 + 1
                          ) % self::getSetting('FOG_MULTICAST_MAX_SESSIONS')
                      )
                  );
              }
              $buildcmd = array(
                  UDPSENDERPATH,
                  (
                      $this->getBitrate() ?
                      sprintf(' --max-bitrate %s', $this->getBitrate()) :
                      null
                  ),
                  (
                      $this->getInterface() ?
                      sprintf(' --interface %s', $this->getInterface()) :
                      null
                  ),
                  sprintf(
                      ' --min-receivers %d',
                      (
                          $this->getClientCount() ?
                          $this->getClientCount():
                          self::getClass('HostManager')->count()
                      )
                  ),
                  sprintf(' --max-wait %s', '%d'),
                  (
                      $address ?
                      sprintf(' --mcast-data-address %s', $address) :
                      null
                  ),
                  (
                      $multicastrdv ?
                      sprintf(' --mcast-rdv-address %s', $multicastrdv) :
                      null
                  ),
                  sprintf(' --portbase %s', $this->getPortBase()),
                  sprintf(' %s', $duplex),
                  (
                      $maxbitrate ?
                      sprintf(' --max-bitrate %s', $maxbitrate) :
                      null
                  ),
                  (
                      $rexmithello ?
                      sprintf(' --rexmit-hello-interval %s', $rexmithello) :
                      null
                  ),
                  ' --ttl 32',
                  ' --nokbd',
                  ' --nopointopoint',
              );
              $buildcmd = array_values(array_filter($buildcmd));
      

      I added the $maxbitrate, $rexmithello variables and the options in the $buildcmd and two new global variables: ‘FOG_MULTICAST_BITRATE’ and ‘FOG_MULTICAST_HELLO’.

      (
                      $maxbitrate ?
                      sprintf(' --max-bitrate %s', $maxbitrate) :
                      null
                  ),
                  (
                      $rexmithello ?
                      sprintf(' --rexmit-hello-interval %s', $rexmithello) :
                      null
                  ),
      

      It is necessary to change schema.php to add the two new global variables: ‘FOG_MULTICAST_BITRATE’, ‘FOG_MULTICAST_HELLO’. These variables are strings.

      posted in Feature Request
      Fernando Gietz
    • RE: I want to know ... UserTracking query

      Hi @Sebastian-Roth and @Tom-Elliott ,

      I have fixed this bug in my server making a little change in hostlogins function.

      File: hostmanagementpage.class.php
      Line: 3767

      Route::listem('UserTracking');
      

      To:

      Route::listem('UserTracking',
                  array(
                      'hostID' => $this->obj->get('id'),
                      'action' => array('', 0, 1)
                  )
              );
      

      I can push the changes, but maybe it is better that Sebastian or Tom do them.

      posted in Bug Reports
      Fernando Gietz
    • RE: Single User Image access

      The answer is NO. The AccessControl plugin only restricts the access in the WEBUI and not in the PXE booting.

      posted in General Problems
      Fernando Gietz
    • RE: Use an external database

      @george1421 said in Use an external database:

      @Fernando-Gietz said in Use an external database:

      I can not say about the performance

      I’m considering performance on a FOG system level.

      <thinking out loud> There must have been a reason why Fernando made this change. He wouldn’t just make this change for fun?? There must have been some kind of issue with the integrated database to move it external. I wonder if he can tell performance wise the difference.

      I only did a proof of concept; using an external database is a solution that is on the table. We wanted to answer the question of whether using an external database is possible. And the answer is YES, and without too much effort.

      @Sebastian-Roth said in Use an external database:

      @george1421 said in Use an external database:

      There must have been some kind of issue with the integrated database to move it external. I wonder if he can tell performance wise the difference.

      With 8000 hosts checking into your FOG server I can definitely see database queries being a bottleneck. FOG is not optimized to run in such huge environments (yet). Not saying that it cannot be done but some of the things have not been coded with such amount of clients in mind.

      @Fernando-Gietz Which version of FOG do you currently run? I have pushed a couple of changes to the dev-branch (late last year I think) that should help performance wise. Not sure if you are aware of that.

      The database is the bottleneck XD. In our case the server cannot process all the SQL queries, locks appear in the tables, these locks “lock” the apache server and nothing works 😞 Yesterday the System guys moved the FOG server to a new VMWARE host and the MySQL performance has increased a lot. But this is a temporary solution; as @Sebastian-Roth says, FOG is not optimized for large environments. We have 8000 clients in my server but I know an environment with 14000 clients XD.

      My FOG version is 1.5.5 for working branch, the last version.

      @Wayne-Workman the university has a Galera Cluster; in case we need to use an external database, we will use an instance in this Galera environment.

      posted in General
      Fernando Gietz